CVE-2017-11464

Опубликовано: 19 июл. 2017

Источник: debian

EPSS Низкий

Описание

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
librsvg	fixed	2.40.18-1		package
librsvg	not-affected		jessie	package
librsvg	not-affected		wheezy	package

Примечания

https://bugzilla.gnome.org/show_bug.cgi?id=783835
Introduced in: https://git.gnome.org/browse/librsvg/commit/?id=054807726db76558728e7a7513aabc4698b3dc95 (2.40.9)
Fixed by: https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a

EPSS

Процентиль: 50%

0.00267

Низкий

Связанные уязвимости

CVE-2017-11464

CVSS3: 7.8

ubuntu

больше 8 лет назад

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

CVE-2017-11464

CVSS3: 3.3

redhat

больше 8 лет назад

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

CVE-2017-11464

CVSS3: 7.8

nvd

больше 8 лет назад

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

openSUSE-SU-2017:2149-1

suse-cvrf

больше 8 лет назад

Security update for librsvg

SUSE-SU-2017:2117-1

suse-cvrf

больше 8 лет назад

Security update for librsvg

EPSS

Процентиль: 50%

0.00267

Низкий